The 2010 Governance Risk & Compliance Summit
1. The 2009 Governance, Risk Management and Compliance Summit
Register by August 14th. Save $400.
Develop an Integrated Approach to Risk Management,
Compliance and Corporate Governance
September 29, 30 & October 1, 2009
John Hancock Hotel & Conference Center
Boston, MA
This comprehensive Governance, Risk and Compliance (GRC) event will demonstrate how to:
• Identify a methodology to link process and
technology, effectively bridging together
internal audit, risk management, information
security, operations and compliance
functions.
• Utilize GRC to effectively execute corporate
strategy in tough economic times
• Grow GRC capabilities and transform
a reactive and technologically focused
approach, into a proactive and risk based
approach
2. Enable Your Organization to Anticipate and Manage Business
Risk while More Effectively Delivering Value
Dear GRC Executive,
Today’s organization is a complex multiplicity of global processes and business relationships. Organizations
are struggling to identify, manage, and control Governance, Risk Management, and Corporate Compliance
(GRC) across business relationships. At the 2009 Governance, Risk Management, and Compliance
Conference you will learn to effectively enable your organization to anticipate and manage business risk
while more effectively delivering value for the organization.
PREPARING FOR AN UNCERTAIN FUTURE
Ignoring or misunderstanding financial risks played a substantial role in creating the world financial crisis in 2008. The financial crisis has essentially undone the last decade of deregulation, and corporate leaders and legal teams will bear the responsibility of rebuilding whole industries from the ground up. Business leaders everywhere should be asking themselves what could have been done differently and what can be done in the future to avoid crisis of this proportion.
A large portion of the answer lies in the area of governance itself. Businesses need sound, ethical and well-planned building blocks on which to found their governance principles, regardless of future regulations. Implementing internal controls, breaking down communication barriers between departments and centralizing information are vital to proper corporate governance.
According to a study by The Economist Intelligence Unit, “Companies are beginning to realize that the full value of [governance] depends in large part on the policies and procedures that govern and control its use, access, analysis, retention and protection.” In a poll conducted by the EIU:
“… 77% of respondents expect … governance to be … very important to their company’s success over the next three years. As a result, many firms have begun building the foundation for … governance policies. A majority (65%) have defined policies around how information is to be stored and shared among employees and stakeholders. Furthermore, some organizations are forming formal governance bodies to create strategies, policies and procedures surrounding the distribution of information inside and outside the firm. This is a good start, but considering that 68% of respondents also expect that the complexity of their company’s information governance issues will grow over the next three years, there is little time to waste.”
ADOPT AN INTEGRATED APPROACH
GRC is often positioned as a single business activity, when it actually includes multiple overlapping and related activities within an organization including internal audit, compliance programs like SOX, enterprise risk management (ERM), operational risk, and incident management among others. Within the GRC realm, if the first element --Governance-- is not in place, the second two elements --Risk Management and Compliance-- become irrelevant and cannot be meaningfully achieved. Likewise, if second element --Risk Management-- is not in place then achieving Compliance becomes irrelevant and generally cannot be meaningfully achieved.
It is necessary to improve each of the elements of your organization’s GRC initiative as well as increase overall performance by breaking down communication barriers between finance, IT (Information Technology) and Legal departments. Organizations must evaluate their financial activities to ensure the correct operation of all financial processes, as well as compliance with any finance-related mandates. Learn how to strike an appropriate balance between business reward and risk. Ensure that the IT organization supports the current and future needs of the business, and complies with all IT-related mandates. Finally, tie all three components together through your organization's legal department and Chief Compliance Officer.
Join GSMI on September 29th, 30th and October 1st in John Hancock Hotel & Conference Center - Boston for the 2009 GRC Conference to learn strategies to join the movement from managing risk as a transaction or compliance activity to adding business value by improving operational decision making and strategic planning. Register today by calling 888.409.4418 or visit us at www.gsmiweb.com. I hope to see you this September!
Regards,
Luke Vinci
President, GSMI
Register today! 888.409.4418 www.thegrcsummit.com | The 2009 Governance, Risk Management and Compliance Summit
3. Adopt an Integrated Approach to Governance, Risk and Compliance
Who Should Attend?
Managers and executives involved in Governance, Risk Management and Compliance:
• Governance, risk, compliance (GRC) staff
• CFO
• Chief Risk Officers
• Chief Legal Counsel
• Chief Compliance Officer
• VPs of Risk Management
• VP of Finance
• Treasurers
• Controllers
• Director, Internal Audit
• Director, Operational Risk
• Manager, Enterprise Risk Management
• Risk analysts
• ARM
• ARM-P
• IT governance directors/managers
• IT risk directors/managers
• IT compliance directors/managers
• IT Audit directors/managers
• Information security directors/managers
• IT directors/consultants
Involved in the following areas:
• Audit
• Compliance
• Governance
• Risk management
• Sarbanes Oxley (SOX)
• Ethics
• Regulatory
• Legal
• Governmental affairs
• IT
• Accounting
• Finance
• Reliability
• Quality assurance
Venue:
The 2009 GRC Conference will be held at John Hancock Hotel & Conference Center, Boston, MA
Accommodations:
A limited number of rooms have been reserved at the John Hancock Hotel (located at the John Hancock Conference Center) at a discount rate of $189 per night (contact the hotel by September 10, 2009 to receive the discounted rate). Also, please make sure to ask for the GSMI conference rate when you call for reservations. To make reservations, call 617 933 7700.
Mitigate Risks and Prevent Future Compliance Issues
4. Agenda at a Glance
Day One - September 29, 2009
8:30 Continental Breakfast and Workshop Registration
9:00 Breakout sessions
Workshop A: Leveraging Your Compliance Program Toward Corporate Governance
Workshop B: Aligning ERM to Strategy through the Balanced Scorecard (BSC)
12:00 Luncheon
1:15 Breakout sessions
Workshop C: Practical Application of Leading Practices in Regulatory Compliance
Workshop D: ERM Process Improvement
4:15 Adjourn
Day Two - September 30, 2009
8:00 Continental Breakfast and Registration
8:45 Keynote: Stakeholder Reputation Risk: The Real Driver Behind Coordinated GRC Policies
9:40 Integrated GRC: Assurance Integration with Real ROI
10:35 Break and Refreshments
10:50 Best Practices to Achieve Results with Governance Risk and Compliance
11:35 Choosing the Right GRC Software
12:15 Networking Luncheon
1:15 Breakout sessions
IT GRC: Governance, Risk, Compliance - and Mobility
ERM: Utilizing ERM to Rebuild our Economy
2:15 Breakout sessions
IT GRC: Developing Metrics and Measures for Information Governance
ERM: Case Study: Putting the “R” in GRC, an Enterprise Risk Management (ERM) Perspective
3:15 Break and Refreshments
3:30 Breakout sessions
IT GRC: GAIT for Business and IT Risk
ERM: Learn How Your ERM Strategy Can Enhance Your Company’s Value and Credit Rating
4:30 Breakout sessions
IT GRC: Security By Compliance - A Discussion of Information Risk Management’s Greatest Challenge
ERM: ISO 31000 and ERM
5:30 Adjourn
Day Three - October 1, 2009
8:00 Continental Breakfast
8:30 A Measure of Success: Tools to Evaluate GRC Program Design and Operation
9:15 Breakout sessions
Financial GRC: Case Study: Beyond Compliance: A SOX Perspective
Legal GRC: Bridging the Gap between Legal and GRC
10:15 Break and Refreshments
10:30 Breakout sessions
Financial GRC: Mastering Financial Governance – Bridging the Gap Between SOX, Internal Audit, and Risk Management Processes
Legal GRC: How the Financial Crisis Will Affect Governance for Corporate Legal Departments
12:00 Networking Luncheon
1:15 Protect and Grow Shareholder Value with Best Practices and Effective Tool
1:45 Panel Discussion - Establishing GRC Goals and Performance Metrics
2:15 Break and Refreshments
2:30 Building an Effective Whistle-blower Program - “Best mechanism to surface fraud and wrongdoing”
3:30 Bringing it all Together: Evaluating the Results of Your GRC Program
4:30 Conference Adjourn
5. 5 Reasons to Attend the 2009 GRC Conference
1. Integrate
Learn from leaders in risk management, governance and compliance how to
achieve compliance and ensure ethical conduct while meeting general business
objectives. Take lessons learned back home to your organization’s GRC silo
leaders and facilitate integration among your entire company.
2. Connect
Network with your peers from organizations throughout the country and
around the world. Learn how others are implementing and improving GRC
initiatives and programs for today’s economy. There will be ample opportunity
for networking during our receptions, meals, breaks and informative sessions.
3. Focus
Four interactive break out tracks. Identify case studies and lessons learned to
manage, measure, improve and integrate your GRC functions across all silos – IT,
Financial and Legal.
4. Evolve
Information security is quickly evolving into information risk management.
The enterprise of today can no longer rely on technology alone to protect
information and information infrastructure, and requires a business approach
to information risk management, governance, and compliance to be successful.
Gain insight and guidance on key issues faced by enterprises today, as they
mature their capabilities and transform a reactive and technologically focused
approach to information security, into a proactive and risk based one.
5. Save
Simplify GRC and reduce costs by managing multiple regulatory requirements
with one enterprise GRC platform.
6. Featured Speakers
• Michael Rasmussen, President, Risk & Compliance Advisor, Corporate Integrity, LLC
• Patricia Florissi, Distinguished Engineer, Strategic Initiative Leader, Governance, Risk and Compliance, EMC, Inc
• Chris Boswell, Director Risk and Compliance Services, CA, Inc
• Mark Smith, CEO & EVP Research, Ventana Research
• Geoffrey Buswick, Managing Director, Boston Head Office, Standard & Poor's Corporate and Government Ratings
• Johannes Swanepoel, Director Enterprise Risk Management, Cura Software
• Nick Bako, CMA, Chief Risk Officer, Ontario Lottery and Gaming
• Ranga Bodla, Director, Solution Marketing, EPM and GRC, SAP, Inc.
Other speakers include:
• Jason Mefford, VP of Business Process Assurance, Ventura Foods
• Brad Vorhies, Manager of Financial Controls Compliance, Energy Future Holdings
• Dave Ingram, Senior VP, Willis Re
• Irving Kagan, Kagan Consultants
• Tony Tarantino, PhD, Author and Adjunct Professor of Finance at Santa Clara University
• Carole L. Basri, University of Penn Law School, Corporate Lawyering Group LLC
• Steven Saporito, Managing Director, Enterprise and Risk Finance Practice, Willis Re
• Dr. Prodyot Samanta, Managing Director, Thrideye Riskinsights
7. Best Practices and Strategies from Leaders in GRC!
Agenda and Speaking Faculty
Day One: Pre-Conference Workshops: September 29, 2009
8:30 Continental Breakfast and Registration
9:00 Workshop A: Leveraging Your Compliance Program Toward Corporate Governance
Gain an understanding of various paradigms around corporate governance, risk management, and compliance (GRC). Discuss the many challenges involved in aligning GRC within an organization. Join us for this practical workshop and identify:
• How one company is working through challenges of aligning GRC;
• Resources available to help your company work through compliance challenges; and
• Various approaches for leveraging your existing compliance and risk management programs to improve corporate governance
9:00 Workshop B: Aligning ERM to Strategy through the Balanced Scorecard (BSC)
The COSO Framework describes ERM as a process that guides the achievement of strategic objectives. Because of the integral role ERM plays in strategy execution, it must be understood throughout the entire organization. The Balanced Scorecard (BSC) is a performance measurement system that communicates organizational progress in executing strategy across four perspectives (financial, customer, internal processes, learning and growth). At the core of the BSC is a strategy map that shows the strategic linkage between organizational objectives. Through integrating objectives related to addressing specific risks into the strategy map, organizations can create initiatives that make ERM an integral part of strategy execution.
In this comprehensive workshop, you will experience a hands-on approach to incorporating ERM into organizational strategy through using the BSC and the strategy map that supports it.
12:00 Luncheon
1:15 Workshop C: Practical Application of Leading Practices in Regulatory Compliance
Today companies face the challenge of establishing a consistent set of processes, practices and systems that support external compliance and internal self-assessment. Join us for this workshop to identify leading practices that are being used by companies to create proactive programs that are sustainable and adaptable in the face of countless regulatory expectations and requirements across the physical and financial markets.
Workshop attendees will gain an understanding of the key components of a compliance program as well as gain valuable insight regarding the regulatory compliance capability maturity of their own organizations. Some specific leading practices discussed include:
• Risk Assessment Processes
• Organizational Structure
• Underlying Policies and Procedures
• Control and Monitoring Mechanisms
• IT Systems and Information Management
1:15 Workshop D: ERM Process Improvement
Learn to benchmark your organization's enterprise risk management (ERM) structure, process, and practices with COSO's ERM Integrated Framework. This workshop will identify opportunities for improving your organization's ERM process by sharing and comparing practices with other ERM practitioners. Attendees in this workshop will:
• Participate in a series of discussions on ERM challenges and strategies for sustaining the ERM process.
• Validate the ERM approach and identify any blind spots.
Effectively Manage and Track GRC Activities Across an Enterprise
8. Agenda and Speaking Faculty (continued)
Day Two: September 30, 2009
8:00 Continental Breakfast
8:45 Keynote: Stakeholder Reputation Risk: The Real Driver Behind Coordinated GRC Policies
A key component in the emerging regime of coordinated governance, risk, and compliance (GRC) management is ensuring that the company’s business is conducted in a manner that serves its various stakeholders in an effective, compliant, and untainted fashion. A true indicator of the success or failure of this internal company effort is the company’s imputed goodwill or reputation, arguably the most valuable, yet fragile, attribute a company possesses.
This keynote presentation will explore how the imposition of recent — and the strengthening of longstanding — compliance obligations have compounded the responsibilities of professionals charged with enforcing governance, risk, compliance, audit and ethics roles. It will examine compliance measures and their practical impact on companies, due to:
• The expansive reach of the requirements
• The lack of precedents
• The emphasis on self-disclosure
• The uncertainty over due process rights in enforcement
It will further examine how these elements expose the company’s reputation to immediate risk, and how to structure a GRC culture within the organization to address these exposures in a manner ensuring that compliance issues are disseminated effectively through the organization and implemented enterprise-wide. Further, identify a coherent integrated GRC effort developed by senior management in collaboration with the governance, risk, compliance, audit, legal and ethics team to drive the entire organization to foster and protect a company’s stakeholder reputation.
9:40 Integrated GRC: Assurance Integration with Real ROI
Integrated GRC in the Virtual, Hyper-Extended Business: Integration of GRC silos for Real ROI. Find out why integration is the key to success and why it is often the major cause of corporate governance failures as organizations transition to new business models in the virtual world. Discover new approaches for leveraging performance management and infrastructure monitoring systems to harvest empirical evidence for GRC. Learn how to reduce the cost and complexity of your company’s silo’d GRC initiatives and gain insight into new strategies, tactics and approaches to optimize your infrastructure to create real return on investment.
10:35 Break and Refreshments
10:50 Best Practices to Achieve Results with Governance Risk and Compliance
This session will cover the evolution of governance, risk and compliance (GRC) management and discuss how it is being shaped by key stakeholders including consultants, regulators and end-users. Identify various approaches to GRC and highlight the strengths and weaknesses of each approach to cut through the hype and identify areas where true value can be derived today. Attendees will also learn tips and tricks to help streamline risk, compliance and audit processes.
11:35 Choosing the Right GRC Software
Assess Your Needs and Establish Evaluation Criteria for Finance, Operations and IT
The challenges for organizations in addressing the spectrum of governance, risk and compliance (GRC) is having clarity in the requirements for addressing the specific process needs across business and IT. GRC has specific needs for finance, operations and IT areas where the specific competencies across people, processes, information and technology need to be reviewed for determining the right steps for improvement. To do this successfully is to understand the evaluation categories to assess your current vendors and technologies and examine new ones. Unfortunately the majority of organizations lack the technology know-how for making improvements from monitoring to automation and control to the specific analytics and metrics required to be successful with GRC. This session will provide clarity on the scope of GRC and the software that can best meet an organization's needs while leveraging existing investments and provide the tools for every participant to make the best decision for their organization.
12:15 Networking Luncheon
Breakout Sessions - Choose: IT GRC or ERM
IT GRC:
1:15 Developing Metrics and Measures for Information Governance
Information Governance has become a critical issue within organizations, and a key success factor for businesses. In order to effectively maintain the stewardship, integrity and security of an organization’s information infrastructure effective metrics and measures must be developed, implemented, and monitored. This session will cover the concept of enterprise metrics and measures in the context of Information Governance maturity as well as the issues that must be considered when developing, implementing and monitoring them.
Attendees will participate in an interactive session to:
• Identify current and target States on an Information Governance Maturity Model
• Discuss challenges and strategies in implementing roadmaps, metrics and reporting
• Learn about technologies that accelerate movement up information Management maturity curves
9. Agenda and Speaking Faculty (continued)
Day Two: September 30, 2009 (continued)
Breakout Sessions - Choose: IT GRC or ERM
ERM:
1:15 Utilizing ERM to Rebuild our Economy
What role, if any, did ERM play in the collapse of the financial markets? Enterprise Risk Management can be the tool to rebuild our economy. This session will evaluate how ERM is shaping business and how to use it to your advantage. You’ll hear the perspectives from rating agencies, updates on the latest S&P initiatives, tools you can use to implement ERM going forward, how financial institutions’ failures reflect on their ERM practices, and other current issues of relevance.
IT GRC:
2:15 Developing Metrics and Measures for Information Governance
Information Governance has become a critical issue within organizations, and a key success factor for businesses. In order to effectively maintain the stewardship, integrity and security of an organization’s information infrastructure effective metrics and measures must be developed, implemented, and monitored. This session will cover the concept of enterprise metrics and measures in the context of Information Governance maturity as well as the issues that must be considered when developing, implementing and monitoring them.
Attendees will participate in an interactive session to:
• Identify current and target States on an Information Governance Maturity Model
• Discuss challenges and strategies in implementing roadmaps, metrics and reporting
• Learn about technologies that accelerate movement up information Management maturity curves
ERM:
2:15 Case Study: Putting the “R” in GRC, an Enterprise Risk Management (ERM) Perspective
As compliance issues have become increasingly important and the magnitude of their consequences has escalated, the interface between governance risk and compliance has moved up in prominence not just among regulators, but among stakeholders, shareholders, and management. This session will describe how these GRC elements are integrated with a focus on the role of enterprise risk management in strategic and operational planning.
3:15 Break and Refreshments
IT GRC:
3:30 GAIT for Business and IT Risk
Discover why leading-edge chief audit executives and audit practitioners say there is no such thing as information technology (IT) risk. Discuss the relationship between business risk and IT risk. Review the methodology in the Guide to the Assessment of IT Risk (GAIT) publication GAIT for Business and IT Risk and how it is used to ensure efficient auditing of IT. Develop a solid understanding of the GAIT for Business and IT Risk methodology as well as the ability to apply it.
ERM:
3:30 Learn How Your ERM Strategy Can Enhance Your Company's Value and Credit Rating
Reviewing the quality of enterprise risk management (ERM) programs is no easy task. Learn directly about the review process, major findings and lessons-learned, and how to integrate the review into ratings determination. Discover how others have improved the quality of their decision making by incorporating risk information directly into business and strategic planning, and link your ERM programs to driving value and improving business resiliency.
IT GRC:
4:30 Security By Compliance - A Discussion of Information Risk Management's Greatest Challenge
When most organizations today think about information protection, compliance is at the top of that list. This new level of consciousness has become both a tremendous benefit to information security professionals as well as their greatest fear. The leadership of many companies are now falling into the trap of feeling secure merely because they are compliant; however, simply meeting legal and regulatory compliance requirements does not necessarily mean that companies have fulfilled their requirements for information risk management and protection. Learn how to take advantage of the benefits created by new compliance requirements, while also overcoming the challenge of this new operating procedure.
ERM:
4:30 ISO 31000 and ERM
The international risk management framework is scheduled to be published in 2009. Most risk professionals recognize the importance of a formalized framework to ensure the successful implementation of enterprise risk management (ERM). Starting with the ISO 31000 risk management process schedule, learn how to tailor ERM to the individual needs of any organization, align risk management objectives to organizational strategic goals and missions and graft ERM culture onto existing corporate culture.
5:30 Adjourn
10. Agenda and Speaking Faculty (continued)
Day Three: October 1, 2009
8:00 Continental Breakfast
8:30 A Measure of Success: Tools to Evaluate GRC Program Design and Operation
• Learn how to evaluate the design and operating effectiveness of governance, risk management, and compliance (GRC) systems
• Hear about the new procedures and criteria for GRC program design evaluation and certification
• Expand your understanding of metrics that can be used to help GRC systems contribute to business objectives
Morning Breakout Sessions - Choose: Financial GRC or Legal GRC
Financial GRC:
9:15 Case Study: Beyond Compliance: A SOX Perspective
Learn how to embed reliable control self-assessment into your organization in order to provide ongoing assurance that goes far beyond Sarbanes-Oxley Section 404 (SOX) compliance in order to achieve operational objectives and quality control over internal control. You will learn how to leverage your existing investment to achieve an embedded process that will greatly reduce costly direct testing and the non-value-add burden of SOX compliance. Moreover, this process can be used to provide ongoing assurance regarding the achievement of all company control objectives.
Legal GRC:
9:15 Bridging the Gap between Legal and GRC
Too often, corporate legal departments have neglected to take an active role in governance decisions and oversight, resulting in avoidable consequences. Mitigating risks and preventing future compliance issues are both dependent on setting up defensible governance policies now, before regulations force the issue. Legal departments must ensure accountability, defensibility and transparency in a company’s processes, systems, protocols, structures, operations and controls. The legal scope is growing to fulfill new roles in the realm of corporate governance. General counsel is ideally positioned within corporations to lead important decision-making processes and help companies weather the coming regulatory storm. Identify how to utilize general counsel to help lead the way as far as implementing processes and ensuring compliance. Key points of focus of this session include:
• How legal will overlap but not duplicate work being done by records information management (RIM) and information technology (IT) and corporate compliance officers
• How corporate legal departments can influence legislative decision makers to minimize the negative impacts on my company and industry
• How to build support across the organization for an expanded general counsel role
10:15 Break and Refreshments
Financial GRC:
10:30 Mastering Financial Governance – Bridging the Gap Between SOX, Internal Audit, and Risk Management Processes
With ever increasing regulations, the maturity of SOX processes, and the growing need for enhanced risk management disciplines, enabling a sound financial governance strategy has become very complex. Most finance departments currently manage these processes in disparate silos and systems that fail to provide an integrated view of audit, risk management and financial control compliance. The convergence of financial governance disciplines provides the opportunity to streamline processes, improve risk management, and create greater transparency and visibility to financial processes, risks and controls.
• Discuss the basics and best practices of financial governance
• Provide examples of how to improve and converge the efforts of internal audit, risk management and compliance
• Offer a pragmatic approach to better implement risk management discipline across your finance business processes
Legal GRC:
10:30 How the Financial Crisis Has and Will Continue to Affect Governance for Corporate Legal Departments
We can be absolutely sure that the consequences of the financial crisis will reach far and wide, in the form of a fresh round of regulation and oversight that is likely to spill over into many jurisdictions, with important implications for governance and corporate legal departments. While legal’s role in governance is but one facet in a corporation, it is an essential one. It is likely that the aftershocks of the Wall Street meltdown will have lasting effects with new rules coming around governance and transparency. Identify ways in which you and your company’s legal department can be prepared for the future changes.
Network, Learn and Transform Your Organization!
11. Agenda and Speaking Faculty (continued)
Day Three: October 1, 2009
12:00 Networking Luncheon
1:15 Protect and Grow Shareholder Value with Best Practices and Effective Tools
In many organizations, risk management and strategy management are often treated as unrelated processes. This disconnected approach often fails to take into account the impacts that risk might have on strategic initiatives. Strategy management is ultimately about creating new and sustainable value. Without an understanding of the inherent risks associated with value creation, it is difficult to get a clear picture of the strategy, or worse, no effective path to execute the strategy. Using best practices and pursuing an integrated approach to strategy and risk management, executives ensure that they are focusing on the right initiatives to drive execution of strategy and manage risk.
Avoid Letting New Strategies and Initiatives Fail
Learn why so many new strategies and initiatives often fail. Management often lacks the ability to track strategy execution, and the associated risks are not comprehensively monitored and managed.
Risk-intelligent strategic planning provides for the ability to understand and manage business performance. SAP offers a solution that integrates risk management and strategy management processes to effectively and proactively execute with a complete understanding of underlying risks.
2:15 Break and Refreshments
2:30 Building an Effective Whistle-blower Program - “Best mechanism to surface fraud and wrongdoing”
A whistle-blower function provides an important element in a more robust enterprise risk management framework:
• Helps set “tone at the top” of the organization
• Effective “detective” control
• Supplements normal information & communications systems
• Mechanism for risk monitoring
The objectives of these programs are to:
• Encourage ethical and legal violations to be brought forward for prompt resolution
• Minimize the organization’s exposure to damage
• Let employees know the organization is serious about adherence to codes of conduct
3:30 Bringing it all Together: Evaluating the Results of Your GRC Program
Your company has implemented a robust GRC program, but how do you really know if it’s designed adequately and operating effectively? Traditional audit techniques may not provide you with the full answer to that question. In this presentation, participants will gain an understanding of the following:
• Determining the scope of a comprehensive GRC audit
• Designing a maturity-based audit approach
• Gathering information on the soft aspects of a GRC program
• Reporting the results to get action
4:30 Conference adjourns
Adopt a Unified Strategy to Improve Governance, Assess Risk and Ensure Compliance
12. Sponsors and Media Partners:
Sponsors:

Cura enables over 200 business, government and other entities worldwide to achieve the bottom line benefits of enterprise-wide governance, risk management and compliance (GRC) and enhanced performance management, through fast implementation, easier configurability and true enterprise architecture. Cura has offices in New York, London, Sydney, Melbourne and Johannesburg, and partners in 10 countries.

EMC works with organizations around the world, in every industry, in the public and private sectors, and of every size, from startups to the Fortune Global 500. Our customers include banks and other financial services firms, manufacturers, healthcare and life sciences organizations, internet service and telecommunications providers, airlines and transportation companies, educational institutions, and public-sector agencies. EMC also provides technology, products, and services to consumers in more than 100 countries.

SAP is the world’s leading provider of business software(*), offering applications and services that enable companies of all sizes and in more than 25 industries to become best-run businesses. With more than 86,000 customers in over 120 countries, the company is listed on several exchanges, including the Frankfurt stock exchange and NYSE, under the symbol “SAP.”
Media Partners:
Association Sponsor:

Interested in sponsorship or exhibiting opportunities?
Contact: Byron Mignanelli
byron@gsmiweb.com
or 888.409.4418
13. Registration: The 2009 Governance, Risk Management and Compliance Summit
September 29, 30 and October 1, 2009
John Hancock Hotel & Conference Center • Boston, MA
Registration fee:                     by 7/10      by 8/14      after 8/15
Commercial
  Summit only                         [ ] $1595    [ ] $1795    [ ] $1995
  Silver Pass: Summit + 1 workshop    [ ] $2090    [ ] $2290    [ ] $2490
  Gold Pass: Summit + 2 workshops     [ ] $2390    [ ] $2590    [ ] $2790
Government / Non-Profit
  Forum only                          [ ] $1295    [ ] $1495    [ ] $1695
  Silver Pass: Summit + 1 workshop    [ ] $1790    [ ] $1990    [ ] $2190
  Gold Pass: Summit + 2 workshops     [ ] $2090    [ ] $2290    [ ] $2490

Group discounts of 5 or more:
For information about group discounts of 6 or more people and Team Learning opportunities for 2009 GRC Conference, please contact Luke Vinci at 888.409.4418 or email him at luke.vinci@gsmiweb.com

Please fill in the following information and fax back to: (619) 923-3542
Name
Title
Department
Company
Mailing address
City
State
Zip code
Country (if applicable)
Telephone
Fax
Email
Payment method: Credit card: [ ] Amex [ ] Visa [ ] MasterCard [ ] Check
Credit card number
Name on card
Expiration date
Do you have any dietary restrictions (e.g. kosher, vegetarian)? [ ] Yes [ ] No
If so, please specify:
Do you require any accommodations that require special attention? [ ] Yes [ ] No
If so, please specify: (e.g. wheel-chair access)

Administrative note: A 10% cancellation fee on registration will be charged for cancellations received less than three weeks from the date of the conference. As speakers are confirmed six months before the event, some speaker changes or topic changes may occur in the program. GSMI is not responsible for speaker changes, but will work to ensure a comparable speaker is located to participate in the program.

Cancellation & Quality Assurance:
The Global Strategic Management Institute strives to provide you with the most productive and effective educational experience possible. If after completing the course you feel there is some way we can improve, please provide us in writing with your comments on the evaluation form provided upon arrival. Should you feel dissatisfied with your learning experience and wish to request a credit or refund, please submit it in writing no later than 10 business days after the end of the training to: VP of Educational Services, GSMI, 1804 Garnet Ave #492, San Diego, CA 92109. We will evaluate individual complaints in a context of collective comments from the event.
A $300 service fee will be charged on cancellations received less than four weeks from the date of the event. A credit memo will be sent reflective of your tuition rate minus the $300 cancellation service fee. The remaining tuition funds will only be valid for a future conference and must be used within one year of the credit memo. If you do not cancel your registration before the day of the event, you will be charged for the full conference amount. As speakers are confirmed months before the event, some speaker changes or topic changes may occur in the program. Global Strategic Management Institute is not responsible for speaker changes, but will work to ensure a comparable speaker is located to participate in the program.
Venue:
The 2009 Governance, Risk Management and Compliance Summit Conference will be held at:
John Hancock Hotel & Conference Center
40 Trinity Pl, Boston, MA 02116
(617) 933-7700
www.jhcenter.com

Accommodations:
A limited number of rooms have been reserved at the John Hancock Hotel (located at the John Hancock Conference Center) at a discount rate of $189 per night (contact the hotel by September 10, 2009 to receive the discounted rate). Also, please make sure to ask for the GSMI conference rate when you call for reservations.
To make reservations, call (617) 933 7700

Exhibiting and Sponsorship Information:
To learn more about exhibiting at 2009 GRC Conference, please contact Luke Vinci at 888.409.4418 or email him at luke.vinci@gsmiweb.com